Client server communication system

ABSTRACT

A method for communicating with a server application. A first request is received by a first agent application on a first client computer system from the server application to request that a second agent application on a second client computer system communicate with the server application. Responsive to receiving the first request, a second request is sent by the first agent application to the second agent application on the second client computer system to communicate with the server application.

This application is a continuation of application Ser. No. 13/172,924,filed Jun. 30, 2011, status pending.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present disclosure relates generally to network data processingsystems and, in particular, to a method and apparatus for communicationsbetween a client and a server.

2. Description of the Related Art

In a network data processing system, server computers may provideresources to client devices. These client devices may be, for example, acomputer, a mobile phone, a switch, and/or other suitable types ofdevices. A server application in a server computer may monitor orcontrol remote devices. The monitoring or control may be performed by anagent application running on the remote device.

Communications between an agent application and a server application maybe performed in a number of different ways. For example, an agentapplication may periodically contact a server to send status updates.The agent also may check for any work that may need to be performed.This work may include, for example, changes in configuration, installingsoftware, and other suitable types of work.

An agent also may communicate with a server by listening to a socket forcommunications from a server application. A socket, in these examples,is an endpoint for communication flows. A socket may take the form of anapplication programming interface in a transmission controlprotocol/Internet protocol stack. This type of socket is a listeningsocket. When the agent application accepts an inbound request forcommunications, the server application may communicate with the agentapplication. The server application may send requests for statusinformation, send commands, and make other requests of the agentapplication.

In another example, a persistent connection may be present between theserver application and the agent application. The agent application maycontact the server and maintain a connection that allows forcommunications to flow in both directions.

SUMMARY OF THE INVENTION

In these illustrative embodiments, a method for communicating with aserver application is provided. A first request is received by a firstagent application on a first client computer system from the serverapplication to request to instruct a second agent application on asecond client computer system to communicate with the serverapplication. Responsive to receiving the first request, a second requestis sent by the first agent application to the second agent applicationon the second client computer system to communicate with the serverapplication.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an example of a cloud computing node inaccordance with an illustrative embodiment;

FIG. 2 is an illustration of a cloud computing environment in accordancewith an illustrative embodiment;

FIG. 3 is an illustration of model layers in accordance with anillustrative embodiment;

FIG. 4 is a block diagram of a communications environment in accordancewith an illustrative embodiment;

FIG. 5 is an illustration of contact information in accordance with anillustrative embodiment;

FIG. 6 is an illustration of identity information in accordance with anillustrative embodiment;

FIG. 7 is an illustration of an implementation for an agent database inaccordance with an illustrative embodiment;

FIG. 8 is an illustration of a client entry in an agent database inaccordance with an illustrative embodiment;

FIG. 9 is an illustration of an entry for a network identity inaccordance with an illustrative embodiment;

FIG. 10 is an illustration of a communications environment in accordancewith an illustrative embodiment;

FIG. 11 is an illustration of a flowchart of a process for managingcommunications with agent applications in accordance with anillustrative embodiment;

FIG. 12 is an illustration of a flowchart of a process for managingcommunications with agent applications in accordance with anillustrative embodiment;

FIG. 13 is an illustration of a flowchart of a process for processing aserver application in accordance with an illustrative embodiment; and

FIG. 14 is an illustration of a flowchart of a process for managing arequest received over a listening socket in accordance with anillustrative embodiment.

DETAILED DESCRIPTION OF THE EMBODIMENT

As will be appreciated by one skilled in the art, aspects of the presentinvention may be embodied as a system, method, or computer programproduct. Accordingly, aspects of the present invention may take the formof an entirely hardware embodiment, an entirely software embodiment(including firmware, resident software, micro-code, etc.), or anembodiment combining software and hardware aspects that may allgenerally be referred to herein as a “circuit,” “module,” or “system.”Furthermore, aspects of the present invention may take the form of acomputer program product embodied in one or more computer readablemedium(s) having computer readable program code embodied thereon.

Any combination of one or more computer readable medium(s) may beutilized. The computer readable medium may be a computer readable signalmedium or a computer readable storage medium. A computer readablestorage medium may be, for example, without limitation, an electronic,magnetic, optical, electromagnetic, infrared, or semiconductor system,apparatus, or device, or any suitable combination of the foregoing. Morespecific examples (a non-exhaustive list) of the computer readablestorage medium would include the following: an electrical connectionhaving one or more wires, a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), an optical fiber,a portable compact disk read-only memory (CD-ROM), an optical storagedevice, a magnetic storage device, or any suitable combination of theforegoing. In the context of this document, a computer readable storagemedium may be any tangible medium that can contain or store a programfor use by or in connection with an instruction processing system,apparatus, or device.

A computer readable signal medium may include a propagated data signalwith computer readable program code embodied therein, for example, inbaseband or as part of a carrier wave. Such a propagated signal may takeany of a variety of forms, including, without limitation,electromagnetic, optical, or any suitable combination thereof. Acomputer readable signal medium may be any computer readable medium thatis not a computer readable storage medium and that can communicate,propagate, or transport a program for use by or in connection with aninstruction processing system, apparatus, or device.

Program code embodied on a computer readable medium may be transmittedusing any appropriate medium, including, without limitation, wireless,wireline, optical fiber cable, RF, etc., or any suitable combination ofthe foregoing.

Computer program code for carrying out operations for aspects of thepresent invention may be written in any combination of one or moreprogramming languages, including an object-oriented programminglanguage, such as Java, Smalltalk, C++, or the like, and conventionalprocedural programming languages, such as the “C” programming languageor similar programming languages. The program code may run entirely onthe user's computer, partly on the user's computer, as a stand-alonesoftware package, partly on the user's computer and partly on a remotecomputer, or entirely on the remote computer or server. In the latterscenario, the remote computer may be connected to the user's computerthrough any type of network, including a local area network (LAN), awide area network (WAN), or the connection may be made to an externalcomputer (for example, through the Internet using an Internet ServiceProvider).

Aspects of the present invention are described below with reference toflowcharts and/or block diagrams of methods, apparatus (systems), andcomputer program products according to embodiments of the invention. Itwill be understood that each block of the flowcharts and/or blockdiagrams, and combinations of blocks in the flowcharts and/or blockdiagrams, can be implemented by computer program instructions. Thesecomputer program instructions may be provided to a processor of ageneral purpose computer, special purpose computer, or otherprogrammable data processing apparatus to produce a machine, such thatthe instructions, which are processed via the processor of the computeror other programmable data processing apparatus, that create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks.

These computer program instructions may also be stored in a computerreadable medium that can direct a computer, other programmable dataprocessing apparatus, or other devices to function in a particularmanner such that the instructions stored in the computer readable mediumproduce an article of manufacture including instructions, whichimplement the function/act specified in the flowchart and/or blockdiagram block or blocks.

The computer program instructions may also be loaded onto a computer,other programmable data processing apparatus, or other devices to causea series of operational steps to be performed on the computer, otherprogrammable apparatus, or other devices to produce acomputer-implemented process such that the instructions, which areprocessed on the computer or other programmable apparatus, provideprocesses for implementing the functions/acts specified in the flowchartand/or block diagram block or blocks. It is understood in advance thatalthough this disclosure includes a detailed description of cloudcomputing, implementation of the teachings recited herein are notlimited to a cloud computing environment. Rather, the illustrativeembodiments are capable of being implemented in conjunction with anyother type of computing environment now known or later developed.

For convenience, the disclosure includes the following definitions,which have been derived from the “Draft NIST Working Definition of CloudComputing” by Peter Mell and Tim Grance, dated Oct. 7, 2009, which iscited in an information disclosure statement filed herewith.

Cloud computing is a model of service delivery for enabling convenient,on-demand network access to a shared pool of configurable computing thatcan be rapidly provisioned and released with minimal management effortor interaction with a provider of the service. The computer resourcesmay be, for example, resource networks, network bandwidth, servers,processing, memory, storage, applications, virtual machines, andservices. This cloud model may include at least five characteristics, atleast three service models, and at least four deployment models.

Characteristics include on-demand self-service, broad network access,resource pooling, rapid elasticity, and measured service. With on-demandself-service, a cloud consumer can unilaterally provision computingcapabilities as needed automatically without requiring human interactionwith the service's provider. The computer capabilities include, forexample, server time and network storage.

Broad network access involves capabilities that are available over anetwork and accessed through standard mechanisms that promote use byheterogeneous thin or thick client platforms, such as mobile phones,laptops, and personal digital assistants (PDAs). With resource pooling,the provider's computing resources are pooled to serve multipleconsumers using a multi-tenant model with different physical and virtualresources dynamically assigned and reassigned according to demand. Thereis a sense of location independence in that the consumer generally hasno control or knowledge over the exact location of the providedresources but may be able to specify a location at a higher level ofabstraction. The higher level of abstraction may be, for example, acountry, state, or datacenter.

Rapid elasticity involves capabilities that can be rapidly andelastically provisioned, in some cases automatically, to quickly scaleout and rapidly release to quickly scale in. To the consumer, thecapabilities available for provisioning often appear to be unlimited andcan be purchased in any quantity at any time.

With measured service, cloud systems automatically control and optimizeresource use by leveraging a metering capability at some level ofabstraction appropriate to the type of service (e.g., storage,processing, bandwidth, and active user accounts). Resource usage can bemonitored, controlled, and reported providing transparency for both theprovider and consumer of the utilized service.

Service models include software as a service (SaaS), platform as aservice (PaaS), and infrastructure as a service (IaaS). With software asa service (SaaS), a capability is provided to the consumer to use theprovider's applications running on a cloud infrastructure. Theapplications are accessible from various client devices through a thinclient interface, such as a web browser (e.g., web-based e-mail). Theconsumer does not manage or control the underlying cloud infrastructureincluding network, servers, operating systems, storage, or evenindividual application capabilities, with the possible exception oflimited user-specific application configuration settings.

Platform as a service (PaaS) is a capability provided to the consumer todeploy onto the cloud infrastructure consumer-created or acquiredapplications created using programming languages and tools supported bythe provider. The consumer does not manage or control the underlyingcloud infrastructure including networks, servers, operating systems, orstorage. Instead, the consumer has control over the deployedapplications and possibly application hosting environmentconfigurations.

Infrastructure as a service (IaaS) is a capability provided to theconsumer to provision processing, storage, networks, and otherfundamental computing resources where the consumer is able to deploy andrun arbitrary software, which can include operating systems andapplications. The consumer does not manage or control the underlyingcloud infrastructure but has control over operating systems, storage,deployed applications, and possibly limited control of select networkingcomponents. These network components include, for example, hostfirewalls.

Deployment models include, for example, a private cloud, a communitycloud, a public cloud, and a hybrid cloud. A private cloud has a cloudinfrastructure that is operated solely for an organization. This type ofcloud may be managed by the organization or a third party and may existon-premises or off-premises.

A community cloud is the cloud infrastructure that is shared by severalorganizations and supports a specific community that has sharedconcerns. These concerns include, for example, mission, securityrequirements, policy, and compliance considerations. A community cloudmay be managed by the organizations or a third party. This type of cloudmay exist on-premises or off-premises.

A public cloud is the cloud infrastructure that is made available to thegeneral public or a large industry group and is owned by an organizationselling cloud services.

A hybrid cloud is the cloud infrastructure that is a composition of twoor more clouds. For example, without limitation, a hybrid cloud may be acombination of two or more of a private cloud, a community cloud, and/ora public cloud. A hybrid cloud includes clouds that remain uniqueentities but are bound together by standardized or proprietarytechnology that enables data and application portability. The data andapplication portability includes, for example, cloud bursting forload-balancing between clouds that form the hybrid cloud.

A cloud computing environment is service oriented with a focus onstatelessness, low coupling, modularity, and semantic interoperability.At the heart of cloud computing is an infrastructure comprising anetwork of interconnected nodes.

The computer program instructions may also be loaded onto a computer,other programmable data processing apparatus, or other devices to causea series of operational steps to be performed on the computer, otherprogrammable apparatus, or other devices to produce acomputer-implemented process such that the instructions, which run onthe computer or other programmable apparatus, provide processes forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks.

With reference now to FIG. 1, a block diagram of an example of a cloudcomputing node is depicted in accordance with an illustrativeembodiment. Cloud computing node 10 is only one example of a suitablecloud computing node and is not intended to suggest any limitation as tothe scope of use or functionality of embodiments of the inventiondescribed herein. Regardless, cloud computing node 10 is capable ofbeing implemented and/or performing any of the functionality set forthhereinabove.

In cloud computing node 10 there is computer system 12, which isoperational with numerous other general purpose or special purposecomputing system environments or configurations. Examples of well-knowncomputing systems, environments, and/or configurations that may besuitable for use with computer system 12 include, but are not limitedto, personal computer systems, server computer systems, thin clients,thick clients, hand-held or laptop devices, multiprocessor systems,microprocessor-based systems, set-top boxes, programmable consumerelectronics, network PCs, minicomputer systems, mainframe computersystems, and distributed cloud computing environments that include anyof the above systems or devices, and the like.

Computer system 12 may be described in the general context of computersystem-executable instructions, such as program modules, being run by acomputer system. Generally, program modules may include routines,programs, objects, components, logic, data structures, and so on thatperform particular tasks or implement particular abstract data types.Computer system 12 may be practiced in distributed cloud computingenvironments where tasks are performed by remote processing devices thatare linked through a communications network. In a distributed cloudcomputing environment, program modules may be located in both local andremote computer system storage media including memory storage devices.

As shown in FIG. 1, computer system 12 in cloud computing node 10 isshown in the form of a general-purpose computing device. The componentsof computer system 12 may include, but are not limited to, one or moreprocessors in processor unit 16, memory 28, and bus 18 that couplesvarious system components, including memory 28, to processor unit 16.

Processor unit 16 processes instructions for software that may be loadedinto memory 28. Processor unit 16 may be a number of processors, amulti-processor core, or some other type of processor, depending on theparticular implementation. “A number”, as used herein with reference toan item, means one or more items. Further, processor unit 16 may beimplemented using a number of heterogeneous processor systems in which amain processor is present with secondary processors on a single chip. Asanother illustrative example, processor unit 16 may be a symmetricmulti-processor system containing multiple processors of the same type.

Bus 18 represents one or more of any of several types of bus structures,including a memory bus or memory controller, a peripheral bus, anaccelerated graphics port, and a processor or local bus using any of avariety of bus architectures. By way of example, and not limitation,such architectures include Industry Standard Architecture (ISA) bus,Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, VideoElectronics Standards Association (VESA) local bus, and PeripheralComponent Interconnects (PCI) bus.

Computer system 12 typically includes a variety of computer systemreadable media. Such media may be any available media that is accessibleby computer system 12, and it includes both volatile and non-volatilemedia, and removable and non-removable media.

Memory 28 can include computer system readable media in the form ofvolatile memory, such as random access memory (RAM) 30 and/or cache 32.Computer system 12 may further include other removable/non-removable,volatile/non-volatile computer system storage media. By way of exampleonly, storage system 34 can be provided for reading from and writing toa non-removable, non-volatile magnetic media (not shown and typicallycalled a “hard drive”). Although not shown, a magnetic disk drive forreading from and writing to a removable, non-volatile magnetic disk(e.g., a “floppy disk”), and an optical disk drive for reading from orwriting to a removable, non-volatile optical disk, such as a CD-ROM,DVD-ROM, or other optical media, can be provided. In such instances,each can be connected to bus 18 by one or more data media interfaces. Aswill be further depicted and described below, memory 28 may include atleast one program product having a set of program modules that areconfigured to carry out the functions of embodiments of the invention.As used herein, “a set”, when referring to items, means one or moreitems.

Program/utility 40, having a set of program modules 42, may be stored inmemory 28. Memory 28 may also store, for example, without limitation, anoperating system, one or more application programs, other programmodules, and program data. Each of the operating systems, one or moreapplication programs, other program modules, program data, or somecombination thereof may include an implementation of a networkingenvironment. Program modules 42 generally carry out the functions and/ormethodologies of embodiments of the invention as described herein.

Computer system 12 may also communicate with one or more externaldevices 14, such as a keyboard, a pointing device, display 24, etc.; oneor more devices that enable a user to interact with computer system 12;and/or any devices (e.g., network card, modem, etc.) that enablecomputer system 12 to communicate with one or more other computingdevices. Such communication can occur via I/O interfaces 22. Still yet,computer system 12 can communicate with one or more networks, such as alocal area network (LAN), a general wide area network (WAN), and/or apublic network (e.g., the Internet) via network adapter 20. As depicted,network adapter 20 communicates with the other components of computersystem 12 via bus 18. It should be understood that, although not shown,other hardware and/or software components could be used in conjunctionwith computer system 12. Examples include, but are not limited to,microcode, device drivers, redundant processor units, external diskdrive arrays, RAID systems, tape drives, data archival storage systems,etc.

Instructions for the operating system, applications, and/or programs maybe located in storage devices in memory 28. In these illustrativeexamples, the instructions are in a functional form on storage system34. These instructions may be loaded into random access memory 30 forprocessing by processor unit 16.

These instructions are referred to as program code, computer usableprogram code, or computer readable program code that may be read and runby a processor in processor unit 16. The program code in the differentembodiments may be embodied on different physical or computer readablestorage media, such as random access memory 30 or storage system 34.

Program code 26 is located in a functional form on computer readablemedia 36 that is selectively removable and may be loaded onto ortransferred to computer system 12 for processing by processor unit 16.Program code 26 and computer readable media 36 form computer programproduct 38 in these examples. In one example, computer readable media 36may be computer readable storage media 46 or computer readable signalmedia 44. Computer readable storage media 46 may include, for example,an optical or magnetic disk that is inserted or placed into a drive orother device that is part of a persistent storage transfer onto astorage device, such as a hard drive, that is part of the persistentstorage. Computer readable storage media 46 also may take the form of apersistent storage, such as a hard drive, a thumb drive, or a flashmemory, that is connected to computer system 12. In some instances,computer readable storage media 46 may not be removable from computersystem 12. In these examples, computer readable storage media 46 is aphysical or tangible storage device used to store program code 26 ratherthan a medium that propagates or transmits program code 26. Computerreadable storage media 46 is also referred to as a computer readabletangible storage device or a computer readable physical storage device.In other words, computer readable storage media 46 is a media that canbe touched by a person.

Alternatively, program code 26 may be transferred to computer system 12using computer readable signal media 44. Computer readable signal media44 may be, for example, a propagated data signal containing program code26. For example, computer readable signal media 44 may be anelectromagnetic signal, an optical signal, and/or any other suitabletype of signal. These signals may be transmitted over communicationslinks, such as wireless communications links, optical fiber cable,coaxial cable, a wire, and/or any other suitable type of communicationslink. In other words, the communications link and/or the connection maybe physical or wireless in these illustrative examples.

In some illustrative embodiments, program code 26 may be downloaded overa network to a persistent storage in computer system 12 from anotherdevice or data processing system through computer readable signal media44 for use within computer system 12. For instance, program code storedin a computer readable storage medium in a server data processing systemmay be downloaded over a network from the server to computer system 12.The data processing system providing program code 26 may be a servercomputer, a client computer, or some other device capable of storing andtransmitting program code 26.

Referring now to FIG. 2, an illustration of a cloud computingenvironment is depicted in accordance with an illustrative embodiment.As illustrated, cloud computing environment 50 comprises one or morecloud computing nodes, such as cloud computing node 10 in FIG. 1. One ormore cloud computing nodes may communicate with local computing devicesused by cloud consumers, such as, for example, without limitation, apersonal digital assistant (PDA) or a cellular telephone 54A, desktopcomputer 54B, laptop computer 54C, and/or automobile computer system54N. Cloud computing node 10 may communicate with other cloud computingnodes. They may be grouped (not shown) physically or virtually, in oneor more networks, such as private, community, public, or hybrid clouds,as described hereinabove, or a combination thereof. This allows cloudcomputing environment 50 to offer infrastructure, platforms, and/orsoftware as services for which a cloud consumer does not need tomaintain resources on a local computing device.

It is understood that the types of computing devices 54A-N shown in FIG.2 are intended to be illustrative only and that cloud computing nodes 10and cloud computing environment 50 can communicate with any type ofcomputerized device over any type of network and/or network addressableconnection (e.g., using a web browser). Program code located on one ofcloud computing node 10 may be stored on a computer recordable storagemedium in one of cloud computing node 10 and downloaded to a computingdevice within computing devices 54A-N over a network for use in thesecomputing devices. For example, a server computer in cloud computingnode 10 may store program code on a computer readable storage medium onthe server computer. The server computer may download the program codeto a client computer in computing devices 54A-N for use on the clientcomputer.

With reference now to FIG. 3, an illustration of model layers isdepicted in accordance with an illustrative embodiment. The model layersare a set of functional abstraction layers provided by a cloud computingenvironment, such as cloud computing environment 50 in FIG. 2. It shouldbe understood in advance that the components, layers, and functionsshown in FIG. 3 are intended to be illustrative only and the embodimentsof the invention are not limited thereto. As depicted, the followinglayers and corresponding functions are provided:

Hardware and software layer 60 includes hardware and softwarecomponents. Examples of hardware components include mainframes, forexample, IBM® zSeries® systems; RISC (Reduced Instruction Set Computer)architecture based servers, for example, IBM pSeries® systems; IBMxSeries® systems; IBM BladeCenter® systems; storage devices; networks;and networking components. Examples of software components includenetwork application server software, for example, IBM WebSphere®application server software; and database software, for example, IBMDB2® database software. (IBM, zSeries, pSeries, xSeries, BladeCenter,WebSphere, and DB2 are trademarks of International Business MachinesCorporation registered in many jurisdictions worldwide.)

Virtualization layer 62 provides an abstraction layer from which thefollowing examples of virtual entities may be provided: virtual servers;virtual storage; virtual networks, including virtual private networks;virtual applications and operating systems; and virtual clients.

In one example, management layer 64 may provide resource provisioning,metering and pricing, a user portal, service level management, and/orservice level agreement (SLA) planning and fulfillment. Resourceprovisioning provides dynamic procurement of computing resources andother resources that are utilized to perform tasks within the cloudcomputing environment. Metering and pricing provide cost tracking asresources are utilized within the cloud computing environment andbilling or invoicing for consumption of these resources. In one example,these resources may comprise application software licenses. Securityprovides identity verification for cloud consumers and tasks, as well asprotection for data and other resources. User portal provides access tothe cloud computing environment for consumers and system administrators.Service level management provides cloud computing resource allocationand management such that required service levels are met. Service LevelAgreement planning and fulfillment provide pre-arrangement for andprocurement of cloud computing resources for which a future requirementis anticipated in accordance with an SLA.

Workloads layer 66 provides examples of functionality for which thecloud computing environment may be utilized. Examples of workloads andfunctions, which may be provided from this layer include: mapping andnavigation, software development and lifecycle management, virtualclassroom education delivery, data analytics processing, transactionprocessing, and communications management. With respect tocommunications, one or more of the illustrative embodiments may beimplemented to provide communications between server applications andagent applications in workloads layer 66. These communications may beused to manage devices on which the agent applications are located.

The different illustrative embodiments recognize and take into account anumber of different considerations. The different illustrativeembodiments recognize and take into account that with polling, theinterval time at which polling occurs needs to be short enough so thatrequests can be processed. However, if the polling interval is tooshort, traffic may occur even when no work is being performed. As aresult, a decrease in available bandwidth for other traffic may occur inthe network.

With agent applications using listening sockets, commands may bedelivered quickly to the agent application. The delay present withpolling does not occur. Further, network bandwidth is not consumed in anunnecessary fashion. In other words, traffic does not occur when work isnot present. Using listening sockets, however, may require areconfiguration of any firewalls between the server process and agentapplication to allow traffic between these two processes. The differentillustrative embodiments recognize and take into account that withcloud-based systems, firewalls typically only allow traffic in onedirection. As a result, the use of listening sockets may be moredifficult with cloud computing.

The different illustrative embodiments recognize and take into accountthat persistent connections may avoid the need to reconfigure afirewall. Further, a persistent connection also may allow for moretimely delivery of urgent commands from the server to the client. Thedifferent illustrative embodiments recognize and take into account thateach point of connection between a server application and a clientprocess may use resources that are limited. These and other solutionsalso may require changes to the infrastructure of a network. Thesechanges typically require time and expense. As a result, the differentillustrative embodiments recognize and take into account that thescalability of this technique may be limited.

Thus, the different illustrative embodiments provide a method andapparatus for providing communications between server applications andclient processes. The different illustrative embodiments provide thecapability to deliver messages that may require processing more quicklyas compared to other messages. These messages may be delivered withoutneeding reconfiguration of firewalls or dedicated infrastructures.

With listening sockets, additional infrastructure in terms of servercomputers and server applications may be needed.

With reference now to FIG. 4, a block diagram of a communicationsenvironment is depicted in accordance with an illustrative embodiment.Communications environment 400 is an example of an environment that maybe in workloads layer 66 in FIG. 3. More specifically, communicationsenvironment 400 may be used to provide communications management inworkloads layer 66. As depicted, server applications 402 run on set ofserver computer systems 404. “A set”, as used herein with reference toitems, means one or more items. For example, “a set of server computersystems” is one or more server computer systems.

In these illustrative examples, set of server computer systems 404 maybe implemented using computer system 12 in FIG. 1. Agent applications406 run on client computer systems 408. In these illustrative examples,client computer systems 408 may be implemented using computer system 12in FIG. 1. Client computer systems 408 are located in networks 410.

Server applications 402 on set of server computer systems 404 and agentapplications 406 on client computer systems 408 communicate with eachother in these illustrative examples. For example, server application412 in server applications 402 running on server computer system 414 inset of server computer systems 404 may communicate with one or moreagent applications 406 running on client computer systems 408.

Additionally, agent applications 406 may also communicate with serverapplication 412. For example, agent applications 406 may periodicallypoll server application 412. Agent applications 406 may provide a statusor availability of agent applications 406 through polling serverapplication 412. In these illustrative examples, agent applications 406may poll server application 412.

For example, agent application 416 has polling interval 418. Pollinginterval 418 is a time period after which agent application 416 pollsserver application 412. In other words, when polling interval 418occurs, agent application 416 initiates communication with serverapplication 412. In these illustrative examples, agent application 416sends contact information 420 and identity information 421 to serverapplication 412. Contact information 420 comprises addresses that may beused to communicate with agent application 416. In these illustrativeexamples, identity information 421 is an identity for the network onwhich agent application 416 is located.

In these illustrative examples, agent application 416 may be contactedby server application 412 using listening socket 422. Listening socket422 is a construct that may be used to receive communications fromserver application 412.

In these illustrative examples, commands from server application 412 arenot received through listening socket 422. Instead, server application412 identifies itself to agent application 416 through listening socket422. For example, server application 412 may authenticate itself. Thisauthentication may be performed by sending a certificate or credentials.This authentication process is optional and may not be used in otherillustrative examples.

When an authenticated connection is present on listening socket 422,agent application 416 initiates communication with server application412. The initiation of communication with server application 412 occurseven if polling interval 418 has not occurred yet.

When server application 412 desires to communicate with agentapplication 416, server application 412 sends request 424 to listeningsocket 422. As discussed above, request 424 may include authenticationinformation as well as identifying information about server application412. When agent application 416 initiates communication with serverapplication 412, server application 412 may then send commands, data,program code, and other information to agent application 416.

In some cases, agent application 416 may not respond to request 424.This situation may occur for various reasons. For example, serverapplication 412 may be unable to reach agent application 416 because ofa firewall between server application 412 and agent application 416.

In this case, server application 412 may be unable to initiatecommunication with agent application 416. Server application 412 maythen wait until agent application 416 again communicates with serverapplication 412.

In some cases, the need to communicate with agent application 416 may beurgent enough that waiting for agent application 416 to initiatecommunications is undesirable. In these illustrative examples, serverapplication 412 may identify zone 426 for client computer system 428 onwhich agent application 416 is running. Server application 412 may thenwait for another agent application in the same zone to send a pollingrequest to server application 412. For example, if agent application 430running on client computer system 432 sends polling request 434 toserver application 412, server application 412 may identify agentapplication 430 as being in the same zone, zone 426, as agentapplication 416.

In these illustrative examples, zone 426 is a grouping of computersystems. In particular, computer systems within zone 426 are selectedsuch that they are able to communicate with each other. For example,computer systems within zone 426 may be in the same network or anothernetwork. In other words, agent applications running on client computersystems grouped into zone 426 may not have the same issues or problemsin communicating with each other as server application 412 running onserver computer system 414. For example, firewalls or otherarchitectural restrictions may be absent in a client computer systemselected for zone 426.

In these illustrative examples, agent application 430 may send pollingrequest 434 prior to the time when agent application 416 is scheduled tosend a polling request. As a result, server application 412 is able toestablish communication with agent application 430. In theseillustrative examples, server application 412 sends command 436 to agentapplication 430.

Command 436, in these illustrative examples, is a command that causesagent application 430 to send request 438 to listening socket 422 ofagent application 416.

Command 436, in these illustrative examples, is a command that causesagent application 430 to send request 438 to listening socket 422 ofagent application 416. Request 438 is not a request for agentapplication 416 to communicate with agent application 430 in theseillustrative examples. Instead, request 438 is a request for agentapplication 416 to communicate with server application 412. In theseillustrative examples, the configuration of networks 410 is made suchthat agent application 430 is able to communicate with agent application416 when server application 412 is unable to communicate with agentapplication 416.

In response, agent application 416 sends polling request 440 to serverapplication 412. Polling request 440 occurs sooner than scheduled inresponse to request 438 received from agent application 430.

In another illustrative example, server application 412 may send request442 to listening socket 444 for agent application 430. In response,agent application 430 initiates communication with server application412. When that communication is initiated, server application 412 sendscommand 436.

As depicted, server application 412 may use agent database 446 to selectagent application 430. Agent database 446 identifies agent applicationsin agent applications 406 that may be used to send requests to an agentapplication that does not respond to the server application.

Each agent application in agent applications 406 is configured tocommunicate with another agent application in response to a request froma server application. In this manner, server application 412 maycommunicate with agent application 416 with less delay. In theseillustrative examples, agent application 430 functions as a proxy forserver application 412 when server application 412 is unable to reachagent application 416.

As a result, polling intervals, such as polling interval 418, may beincreased to reduce traffic on networks. For example, polling interval418 may be increased to one hour intervals.

When server application 412 needs to communicate with agent application416 and is unable to do so through listening socket 422, the delay maybe reduced from the remaining time intervals to seconds when command 436is used. For example, if forty minutes are left until agent application416 is again to poll server application 412 again and agent application416 does not receive request 424 through listening socket 422, serverapplication 412 may send request 442 to agent application 430 overlistening socket 444. By sending command 436, agent application 430 usesrequest 438 to cause agent application 416 to communicate with serverapplication 412.

This process may take seconds rather than minutes. In this manner,issues with the use of bandwidth on networks and changing networkinfrastructures may be avoided with communications environment 400.

The illustration of communications environment 400 in FIG. 4 is notmeant to imply any physical or architectural limitation in which anillustrative embodiment may be implemented. Other components in additionto and/or in place of the ones illustrated may be used. Some componentsmay be unnecessary. Also, the blocks are presented to illustrate somefunctional components. One or more of these blocks may be combinedand/or divided into different blocks when implemented in an illustrativeembodiment.

For example, in some illustrative examples, a server application inserver applications 402 may function as an agent application. In otherwords, server application 412 may send a request to another serverapplication when server application 412 is unable to contact agentapplication 416. That other server application may then send a requestto communicate with server application 412 to listening socket 422 foragent application 416.

With reference now to FIG. 5, an illustration of contact information isdepicted in accordance with an illustrative embodiment. In thisillustrative example, an example of an implementation for contactinformation 420 in FIG. 4 is depicted. In this illustrative example,contact information 420 includes addresses 500.

As depicted, addresses 500 includes client computer system Internetprotocol address 502. This address is the address of the client computersystem on which the client agent is located. This information is sent tothe server application each time the agent application contacts theserver application and the information has changed. In some cases, thisinformation may be sent every time the agent application contacts theserver application. In these illustrative examples, each agent tracksits own address and notifies the server application of its address

Turning next to FIG. 6, an illustration of identity information isdepicted in accordance with an illustrative embodiment. In this depictedexample, identity information 421 includes router Internet protocoladdress 600 and router media access control address 602. These addressesare addresses for router use by the client computer system. Inparticular, the router is the default router for the client computersystem on which the agent application runs. This information also issupplied to the server application each time the agent applicationcontacts the server application and the information has changed in theseillustrative examples.

The illustration of addresses 500 for contact information 420 in FIG. 5and router Internet protocol address 600 and router media access controladdress 602 for identity information 421 in FIG. 6 is not meant to implylimitations to the manner in which contact information 420 and identityinformation 421 may be implemented. For example, the client computersystem on which the agent application is located may have more than oneInternet protocol address. Those additional addresses may be included inaddresses 500.

In another illustrative example, other types of information may be usedin identity information 421 to identify a network on which an agentapplication is located. This information may be any information that theagent application can identify.

With reference now to FIG. 7, an illustration of an implementation foran agent database is depicted in accordance with an illustrativeembodiment. In this illustrative example, an example of information inagent database 446 is depicted. In these illustrative examples, agentdatabase 446 has zones 700. Within zones 700 is set of networks 702containing client computer systems 704. “A set”, as used herein withreference to items, means one or more items. For example, “a set ofnetworks” is one or more networks.

In selecting networks for a zone, the zones may be selected such thatnetworks may have access to each other without issues that may beencountered by a server application. For example, client computersystems in the same network may communicate with each other withoutcrossing a firewall. As a result, agent applications on these clientcomputer systems may not have the same issues communicating with eachother as compared to a server application on a server computer systemoutside of the network. As another example, some networks may be groupedwith each other. These networks may be subnets in which issues withfirewalls or other infrastructures may not be present as compared to aserver application running on a server computer system outside of thosenetworks.

For example, zone 706 in zones 700 may include network 708 and network710. As depicted, network 708 includes client computer system 712, andnetwork 710 includes client computer system 714 and client computersystem 716.

As a result, if an agent application does not respond to a request froma server application, the zone of the client application may beidentified. For example, if zone 706 is identified and the agentapplication is located on a client computer system in client computersystem 714 in network 710, the server application may select an agentapplication on a client computer system in client computer system 712 tosend a command to the agent application to communicate with the serverapplication.

The illustration of information in agent database 446 is not meant toimply limitations to the manner in which agent databases may beimplemented. The information illustrated in FIG. 7 is only meant as anexample of one manner in which agent database 446 may be implemented.

Turning now to FIG. 8, an illustration of a client entry in agentdatabase 446 in FIG. 4 is depicted in accordance with an illustrativeembodiment. In this illustrative example, entry 800 includes clientcomputer system address 802 and pointer to network identity 804. Clientcomputer system address 802, in these examples, is one or more Internetprotocol addresses for the client computer system. Pointer to networkidentity 804 is a pointer to another entry containing information aboutthe network in which the client computer system is located that has theagent application.

With reference now to FIG. 9, an illustration of an entry for a networkidentity is depicted in accordance with an illustrative embodiment. Inthis illustrative example, entry 900 includes router address 902 andmedia access control address 904. Router address 902 is one or moreInternet protocol addresses for the router to the network in which theclient computer system is located. Media access control address 904 isthe media access control address for the router.

In many cases, the Internet protocol address of the router may beinsufficient for identifying the network. Different networks may use thesame default router address, such as 192.168.1.1. In this manner, themedia access control address may allow for a unique identification ofthe network. Entry 900 also includes zone 906. Zone 906 identifies azone in which the network has been grouped. One or more networks may bepresent in a zone, depending on the particular implementation. As aresult, all client computer systems in a network are located in the samezone in these examples. A zone may include more than one network. In theillustrative examples, networks in the same zone have a common firewall.

With reference now to FIG. 10, an illustration of a communicationsenvironment is depicted in accordance with an illustrative embodiment.Communications environment 1000 is an example of one implementation ofcommunications environment 400 in FIG. 4. In this illustrative example,communications environment 1000 includes service provider 1002,cloud-based hosting 1004, and customer network 1006. In thisillustrative example, service provider 1002, cloud-based hosting 1004,and customer network 1006 are connected to network 1008. Network 1008may be one or more networks. In these illustrative examples, network1008 includes the Internet. Service provider 1002 has firewall 1010,cloud-based hosting 1004 has firewall 1012, and customer network 1006has firewall 1014.

In this illustrative example, an operator uses administrative consolecomputer system 1016 to perform a management operation on clientcomputer system 1018 in customer network 1006. In these depictedexamples, these management operations are performed using a servercomputer system in cloud based hosting 1004. In particular, the requestmay be sent from administrative console computer system 1016 to servercomputer system 1019 in cloud-based hosting 1004. In response, thismanagement operation is sent in a request directed to client computersystem 1018. The request in this example is blocked by firewall 1014 atcustomer network 1006.

In this example, client computer system 1018 contacts server computersystem 1019. This contact is the scheduled contact through a pollingmechanism in client computer system 1022. Client computer system 1022contacts server computer system 1019 at a time prior to when clientcomputer system 1018 is scheduled to contact server computer system1019.

In response to this communication, server computer system 1019 sends acommand to contact client computer system 1018. In response to receivingthis command, client computer system 1022 sends the request to clientcomputer system 1018. Client computer system 1022 is able to communicatewith client computer system 1018, because the communication does nottravel across firewall 1014 in these illustrative examples.

In turn, client computer system 1018 now contacts server computer system1019. In this manner, communication with client computer system 1018 maybe established more quickly than waiting for client computer system 1018to contact server computer system 1019 through the normal pollingmechanism.

In this example, if the polling interval for computers at customernetwork 1006 is once an hour, the delay in processing the pollingrequest may be reduced when one of these computers in customer network1006 contacts server computer system 1019. For example, if clientcomputer system 1018 is not due to contact server computer system 1019for another 40 minutes, those 40 minutes may be reduced to two minutes,or even seconds, depending on the time at which one of the clientcomputers in customer network 1006 contacts server computer system 1019.

With reference now to FIG. 11, a flowchart of a process for managingcommunications with agent applications is depicted in accordance with anillustrative embodiment. The process illustrated in FIG. 11 may beimplemented in communications environment 400 in FIG. 4. Morespecifically, the different steps illustrated in this flowchart may beimplemented as program code for server application 412 in FIG. 4.

The process begins by sending a first request to a first agentapplication to communicate with the server application (step 1100). Inthese illustrative examples, the server computer system is the servercomputer system on which the server application is located. The firstagent application is located on a first network.

A determination is made as to whether the first agent applicationresponds to the first request (step 1102). If the first agentapplication responds to the first request, the server application on theserver computer system communicates with the first agent application(step 1104), with the process terminating thereafter.

With reference again to step 1102, if the first agent application failsto respond to the first request, the server application sends a secondrequest to another agent application to instruct the first agentapplication to communicate with the server application (step 1106). Inthese illustrative examples, the agent application in step 1106 islocated in the same zone as the first agent application. The processthen returns to step 1102. The agent application in step 1106 may belocated in the same network of another network as the first agentapplication. In these examples, agent applications in the same zone mayhave the same communication problems as the server application. Forexample, the different agent applications in the same zone may not havean intervening firewall between them. The agent applications may be ondifferent networks, such as different subnets, in which a firewall isnot present between the two subnets.

In sending the request in step 1106, a different agent may be used eachtime the process loops back through step 1106 in these illustrativeexamples. In this manner, a request may be made to every agentapplication until the original agent application makes contact with theserver application.

Turning next to FIG. 12, a flowchart of a process for managingcommunications with agent applications is depicted in accordance with anillustrative embodiment. The process depicted in FIG. 12 may beimplemented as program code in server application 412 in FIG. 4.

The process begins by determining whether an outstanding request ispresent for a first agent application (step 1200). This request is arequest sent to the first agent application from the server applicationin these illustrative examples. The outstanding request may be a flagset for a particular network. If an outstanding request is not present,the process terminates.

Otherwise, if an outstanding request to the first agent application ispresent, the process identifies a zone for the first agent application(step 1202). In this example, the zone may be identified using agentdatabase 446 in FIG. 4.

The process then waits for an agent application to contact the serverapplication (step 1204). When an agent application contacts the serverapplication, a determination is made as to whether the agent applicationis the first agent application (step 1206). If the agent application isthe first agent application, the process communicates with the firstagent application (step 1208), with the process terminating thereafter.

With reference again to step 1206, if the agent application is not thefirst agent application, the process identifies a zone for the agentapplication that is contacting the server application (step 1210). Adetermination is made as to whether the zone of the agent application isthe same zone as the first agent application (step 1212). If the agentapplication is the same zone, the process sends a request to this agentapplication to instruct the first agent application to communicate withthe server application (step 1214). The process then returns to step1204 as described above. The process also returns to step 1204 if theagent application is not the same zone as the first agent application instep 1212.

With reference now to FIG. 13, a flowchart of a process for processing aserver application is depicted in accordance with an illustrativeembodiment. The process illustrated in FIG. 13 may be implemented inprogram code in an agent application, such as agent application 416 oragent application 430 in FIG. 4. In these illustrative examples, thisprocess may be initiated by the agent application sending a pollingrequest based on a polling interval. In other examples, this process maybe performed in response to receiving a request on a listening socketfrom a server application.

The process begins by sending a polling request to a server application(step 1300). A determination is made as to whether updated contactinformation and/or updated identity information is present (step 1302).If updated contact information and/or updated identity information ispresent, the process then sends updated contact information and/orupdated identity information to the server application (step 1304).

A determination is made as to whether the communication is a requestfrom the server application to instruct another agent application tocontact the server application (step 1306). The process also proceeds tostep 1306 from step 1302 if updated information is not present.

If the request is not to instruct the agent application to contact theother agent application, the communication is processed (step 1308),with the process terminating thereafter. This processing may includeperforming updates, deleting files, changing configurations, and othersuitable operations.

With reference again to step 1306, if the request is to instruct theagent application to contact the other agent application, the processthen sends a request to the listening socket of the second agentapplication (step 1310), with the process then proceeding to step 1308.In this case, the agent application processes remaining portions of thecommunication that may be present in addition to the request. In theseillustrative examples, the request received from the server applicationincludes an address of the other agent application. This information isused to send the request to the listening socket of the other agentapplication.

This request sent to the listening socket includes the information forthe server application. In this manner, an agent application may help aserver application cause the other agent application that cannot bereached by the server application to contact the server application.

With reference now to FIG. 14, a flowchart of a process for managing arequest received over a listening socket is depicted in accordance withan illustrative embodiment. The process illustrated in FIG. 14 may beimplemented in program code in an agent application, such as agentapplication 416 or agent application 430 in FIG. 4.

The process begins by receiving a request at a listening socket for theagent application (step 1400). The process then authenticates therequest (step 1402). This authentication may include, for example,examining a certificate or other credentials sent in the request. Adetermination is made as to whether the request is authenticated ascoming from an application to which the agent application will respond(step 1404). If the request is authenticated, the process then initiatesa polling request to a server application (step 1406), with the processterminating thereafter. This polling request is sent to a serverapplication assigned to the agent application. In some cases, thepolling request is made to the application identified in the request.For example, an Internet protocol address may be included in therequest.

With reference again to step 1404, if the request is not authenticated,the process terminates. In this manner, reduced traffic may occur whenunauthorized requests, such as those generated by denial of serviceattacks, occur.

The flowcharts and block diagrams in the different depicted embodimentsillustrate the architecture, functionality, and operation of somepossible implementations of apparatus, methods, and computer programproducts. In this regard, each block in the flowcharts or block diagramsmay represent a module, segment, or portion of computer usable orreadable program code, which comprises one or more executableinstructions for implementing the specified function or functions. Insome alternative implementations, the function or functions noted in theblock may occur out of the order noted in the figures. For example, insome cases, two blocks shown in succession may be processedsubstantially concurrently, or the blocks may sometimes be processed inthe reverse order, depending upon the functionality involved.

For example, the authentication steps in FIG. 14 may be omitted in someimplementations. As yet another example, an authentication step is notdepicted for contacting the listening socket in FIG. 14. Authenticationmay be added for contacts to listening sockets in this figure.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the invention. Asused herein, the singular forms “a”, “an”, and the are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising,” when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components but do not preclude the presence or addition of one ormore other features, integers, steps, operations, elements, components,and/or groups thereof.

The corresponding structures, materials, acts, and equivalents of allmeans or step plus function elements in the claims below are intended toinclude any structure, material, or act for performing the function incombination with other claimed elements as specifically claimed. Thedescription of the present invention has been presented for purposes ofillustration and description but is not intended to be exhaustive orlimited to the invention in the form disclosed. Many modifications andvariations will be apparent to those of ordinary skill in the artwithout departing from the scope and spirit of the invention. Theembodiment was chosen and described in order to best explain theprinciples of the invention and the practical application and to enableothers of ordinary skill in the art to understand the invention forvarious embodiments with various modifications as are suited to theparticular use contemplated.

1. A method for communicating with a server application, the methodcomprising: receiving, by a first agent application on a first clientcomputer system, a first request from the server application to requestto instruct a second agent application on a second client computersystem to communicate with the server application; and responsive toreceiving the first request, sending, by the first agent application, asecond request to the second agent application on the second clientcomputer system to communicate with the server application.
 2. Themethod of claim 1, wherein the sending step comprises: sending thesecond request to a listening socket used by the second agentapplication on the second client computer system.
 3. The method of claim1, wherein the second request includes an address for the serverapplication.
 4. The method of claim 1, wherein the sending stepcomprises: identifying an address for the second agent application fromthe first request; and sending the second request to the address for thesecond agent application.
 5. The method of claim 1 further comprising:sending a polling request to the server application; and sending contactinformation and identity information to the server application.
 6. Themethod of claim 1 further comprising: authenticating the first requestfrom the server application; and responsive to an absence of theauthentication of the first request as being from the serverapplication, preventing the sending of the second request to the secondagent application on the second client computer system.
 7. The method ofclaim 1, wherein the first client computer system and the second clientcomputer system are grouped in a zone in which communications betweenthe first client computer system and the second client computer systemoccur without a firewall. 8-20. (canceled)